Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Hi, I have web service that is posting xml data to Windows server using NTLM2 authentication. Works fine but if payload is large (>1.4MB) authorization fails with message 'Credentials for 'login' failed before' and I get 'Client-Response-Num: 1' in every step of authentication - should be 1->2->3

I use Authen::NTLM version 1.09

I was able to submit same large payload using windows *.exe test client and using python client so issue is not network or server size limit.

Here is client code:

#!/usr/bin/perl -w
$| = 1;
use Authen::NTLM 1.09;
use LWP::UserAgent;
use HTTP::Request::Common;
use Data::Dumper;

my $url = 'http://ip:port/xyz';

ntlmv2(1);

my $ua = LWP::UserAgent->new(keep_alive=>1);
$ua->credentials('ip:port', '', "\\login", 'password');

$ua->add_handler("request_send",  sub { print "\n[START request_send h
+andler]\n"; shift->dump; print "[END request_send handler]\n\n"; retu
+rn });
$ua->add_handler("response_data",  sub { print "\n[START response_data
+ handler]\n"; shift->dump; print "[END response_data handler]\n\n"; r
+eturn ; });

my $response=$ua->request(
                        POST $url,                        
                        Content_Type => 'text/plain',
                        Content      => $xmlContent,
                    );
                                            
if ($response->is_success) 
    {print "It worked!->" . $response->code . "\ncontent:".$response->
+content.'\n'.$response->status_line."\n".$response->headers()->as_str
+ing()."\n";}
else 
    {print "It didn't work!->" . $response->code ." ".$response->statu
+s_line. "\n".$response->headers()->as_string(). "\n";}

[download]

Debug Output for large payload:

[START request_send handler]
POST http://url
User-Agent: libwww-perl/5.834
Content-Length: 15230551
Content-Type: text/plain

<?xml version="1.0" encoding="utf-8" ?>
<Contact...
(+ 15230039 more bytes not shown)
[END request_send handler]


[START response_data handler]
HTTP/1.1 401 Unauthorized
Date: Wed, 21 Aug 2013 23:57:52 GMT
Server: Microsoft-IIS/7.5
WWW-Authenticate: NTLM
WWW-Authenticate: Negotiate
Content-Length: 1293
Content-Type: text/html
Client-Peer: IPport
Client-Response-Num: 1
X-Powered-By: ASP.NET
[END response_data handler]


[START request_send handler]
POST http://url
Authorization: NTLM Txxx=
User-Agent: libwww-perl/5.834
Content-Length: 15230551
Content-Type: text/plain

<?xml version="1.0" encoding="utf-8" ?>
<Contact...
(+ 15230039 more bytes not shown)
[END request_send handler]


[START response_data handler]
HTTP/1.1 401 Unauthorized
Date: Wed, 21 Aug 2013 23:57:52 GMT
Server: Microsoft-HTTPAPI/2.0
WWW-Authenticate: NTLM Tlxxx==
Content-Length: 341
Content-Type: text/html; charset=us-ascii
Client-Peer: IPport
Client-Response-Num: 1
Title: Not Authorized
[END response_data handler]



[START request_send handler]
POST http://url
Authorization: NTLM Tlxxx
User-Agent: libwww-perl/5.834
Content-Length: 15230551
Content-Type: text/plain

<?xml version="1.0" encoding="utf-8" ?>
<Contact...
(+ 15230039 more bytes not shown)
[END request_send handler]


[START response_data handler]
HTTP/1.1 401 Unauthorized
Date: Wed, 21 Aug 2013 23:57:52 GMT
Server: Microsoft-IIS/7.5
WWW-Authenticate: NTLM
WWW-Authenticate: Negotiate
Content-Length: 1293
Content-Type: text/html
Client-Peer: IPport
Client-Response-Num: 1
X-Powered-By: ASP.NET
[END response_data handler]


[START request_send handler]
POST http://url
Authorization: NTLM Txxx=
User-Agent: libwww-perl/5.834
Content-Length: 15230551
Content-Type: text/plain

<?xml version="1.0" encoding="utf-8" ?>
<Contact...
(+ 15230039 more bytes not shown)
[END request_send handler]


[START response_data handler]
HTTP/1.1 401 Unauthorized
Date: Wed, 21 Aug 2013 23:57:52 GMT
Server: Microsoft-HTTPAPI/2.0
WWW-Authenticate: NTLM Tlxxx==
Content-Length: 341
Content-Type: text/html; charset=us-ascii
Client-Peer: IPport
Client-Response-Num: 1
Title: Not Authorized
[END response_data handler]

----------------------------------
....Removed one step
----------------------------------

[START request_send handler]
POST http://url
Authorization: NTLM Tlxxx
User-Agent: libwww-perl/5.834
Content-Length: 15230551
Content-Type: text/plain

<?xml version="1.0" encoding="utf-8" ?>
<Contact...
(+ 15230039 more bytes not shown)
[END request_send handler]


[START response_data handler]
HTTP/1.1 401 Unauthorized
Date: Wed, 21 Aug 2013 23:57:52 GMT
Server: Microsoft-IIS/7.5
WWW-Authenticate: NTLM
WWW-Authenticate: Negotiate
Content-Length: 1293
Content-Type: text/html
Client-Peer: IPport
Client-Response-Num: 1
X-Powered-By: ASP.NET
[END response_data handler]


It didn't work!->401 401 Unauthorized
Date: Wed, 21 Aug 2013 23:57:52 GMT
Server: Microsoft-IIS/7.5
WWW-Authenticate: NTLM
WWW-Authenticate: Negotiate
Content-Length: 1293
Content-Type: text/html
Client-Date: Tue, 20 Aug 2013 11:58:25 GMT
Client-Peer: IPport
Client-Response-Num: 1
Client-Warning: Credentials for 'login' failed before
Title: 401 - Unauthorized: Access is denied due to invalid credentials
+.
X-Powered-By: ASP.NET

[download]
Thanks!

Replies are listed 'Best First'.
Re: NTLM2 authentication fails for large payload
by lithron (Chaplain) on Aug 23, 2013 at 00:22 UTC

    If I were in your shoes, I would look harder at the web service for the source of the error. The web service is the one timing out, not the perl script.

    On another note, is it possible the Windows token timed out before the last large upload?
[reply]

      Thanks for your reply.

      Service provider says that since python client and windows client running from same location and using same payload are successful, then problem is perl script, not their server.

[reply]

Back to Seekers of Perl Wisdom